Hi, Thank you for a great text! I've been looking for "as simpliest as possible" solution like that, to incorporate it into smaller projects, that do not need a complex, "heavy" RBAC module. Thank you again.

I want to create access role in yii application but i have a problem and dont know about where to assign role in yii like
i have three department role
1.admin -: admin have a all access role in our application
2.staff -: staff same of page and access role like to edit or update
3.user -: user have a all access page only viewing in our application

These type of role can set in controller but i can justify where to write all access in yii and how to set access role ,

You shouldn't use strstr() for the role check. If there are two roles named user and superuser then a check for user will always match superuser as well. Better to use array search or have an explicit delimiter...

<?phpclassWebUserextendsCWebUser{
/**
* Overrides a Yii method that is used for roles in controllers (accessRules).
*
* @param mixed $operation Name of the operation required (here, a role). Can be either string or an array of roles.
* @param mixed $params (opt) Parameters for this operation, usually the object to access.
* @return bool Permission granted?
*/publicfunctioncheckAccess($operation, $params=array()){
if (empty($this->id)) { // Not identified => no rightsreturnfalse;
}
$role = $this->getState("roles"); // Get role of userif ($role === 'admin') {
returntrue; // admin role has access to everything
}
if(is_array($operation)) { // Check if multiple roles are availablereturn (array_search($role,$operation)!==false);
}
return ($operation === $role);// allow access if the operation request is the current user's role
}
}